Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws – BleepingComputer

Today is Microsoft’s September 2021 Patch Tuesday, and with it come fixes for two zero-day vulnerabilities and a total of 60 flaws.
Microsoft has fixed 60 vulnerabilities (86 including Microsoft Edge) with today’s update, with three classified as Critical, one as Moderate, and 56 as Important.
Of the total 86 vulnerabilities (including Microsoft Edge):
For information about the non-security Windows updates, you can read about today’s Windows 10 KB5005565 & KB5005566 cumulative updates.
Microsoft has released a security update for the Windows MSHTML remote code execution vulnerability tracked as CVE-2021-40444.
Last Tuesday, Microsoft disclosed a new zero-day Windows MSHTML remote code execution vulnerability that threat actors actively used in phishing attacks.
These attacks distributed malicious Word documents that exploited CVE-2021-40444 to download and execute a malicious DLL file that installed a Cobalt Strike beacon on the victim’s computer.
This beacon allows a threat actor to gain remote access to the device to steal files and spread laterally throughout the network.
Soon after Microsoft disclosed the vulnerability, threat actors and security researchers began sharing guides on exploiting the vulnerability, which allowed anyone to start using it in attacks, as demonstrated below.
With the September 2021 Patch Tuesday updates, Microsoft has released a security update for this vulnerability.
As researchers discovered numerous ways to exploit the bug, including a bypass to mitigations, it is not clear if the security update fixes all of the techniques.
September’s Patch Tuesday includes fixes for two zero-day vulnerabilities, with the MSHTML bug actively exploited in the wild.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official security updates released.
The publicly disclosed, but not actively exploited, zero-day vulnerability is:
The only actively exploited vulnerability is the Windows MSHTML remote code execution vulnerability, as previously discussed:
Other vendors who released updates in July include:
Below is the complete list of resolved vulnerabilities and released advisories in the September 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.